Attorney's Docket No.: 39700-606001 US/NC39911 US 

Amendments To The Claims 

The following listing of claims replaces all prior listings of claims: 

Listing of Claims: 

1 . (Previously Presented) A system, comprising: 
an application device; 
a service device; 

a communication network configured to connect said application device to said service 

device; 

an internet protocol security service unit configured to provide one or more internet 
protocol security services comprising at least one of authentication services and encryption 
services, said internet protocol security service unit deployed in said service device; 

at least one management client configured to issue, in response to communication 
received at said application device from a user equipment via a session key management 
protocol, security association management requests to create and manage, with said session key 
management protocol, security associations for use by said provided internet protocol security 
services, said at least one management client deployed in said application device; and 

a management server configured to receive said security association management 
requests issued from said at least one management client and to respond, in connection with said 
internet protocol security service unit, to said security association management requests received 
at said management server, said management server deployed in said service device. 
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2. (Previously Presented) The system according to claim 1, wherein said application 
device further comprises an interface configured to provide communication between said at least 
one management client associated with said application device and said management server. 

3. (Previously Presented) The system according to claim 1, wherein said security 
association management requests to create and manage comprise at least one of adding requests 
configured to add security associations, deleting requests configured to delete security 
associations, and querying requests configured to query about security associations. 

4. (Previously Presented) The system according to claim 2, wherein said interface is 
further configured to use sockets for communication with said management server. 

5. (Previously Presented) The system according to claim 2, wherein said interface 
comprises data structures used in communication between said management client and said 
management server. 

6. (Previously Presented) The system according to claim 2, wherein said interface is 
implemented as a software library linked dynamically or statistically into a corresponding 
management client. 

7. (Previously Presented) The system according to claim 1, wherein said internet 
protocol security service unit and said management server are configured to use a local 
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communication channel for communications between said internet protocol security service unit 
and said management server. 

8. (Previously Presented) The system according to claim 1 , wherein at least one 
application device comprises two or more management clients, and wherein at least two of said 
management clients are configured to use different session key management protocols. 

9. (Cancelled) 

1 0. (Previously Presented) A method, comprising: 

providing one or more internet protocol security services comprising at least one of 
authentication services and encryption services from an internet protocol security service unit, 
said internet protocol security service unit being deployed in a service device; 

issuing, in response to communication received at an application device from a user 
equipment via a session key management protocol, security association management requests to 
create and manage, with said session key management protocol, security associations for use by 
said provided internet protocol security services, from at least one management client, said at 
least one management client being deployed in said application device; 

receiving, in a management server, said security association management requests issued 
from said at least one management client; and 

responding, in connection with said internet protocol security service unit, to said security 
association management requests received at said management server, said management server 
being deployed in said service device, 
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wherein said application device is connected to said service device by a communication 
network. 

1 1 . (Previously Presented) The method according to claim 10, wherein said issuing 
comprises communicating at least one of said security association management requests issued 
from said application device and corresponding responses via an interface associated with said 
application device. 

12. (Previously Presented) The method according to claim 10, wherein said security 
association management requests comprise at least one of adding requests for adding security 
associations, deleting requests for deleting security, and querying requests for querying about 
security associations. 

13. (Cancelled) 

14. (Currently Amended) An apparatus, comprising: 

at least one management client configured to issue, in response to communication 
received at said apparatus from a user equipment via a session key management protocol, 
security association management requests to create and manage, with said session key 
management protocol, security associations for use by one or more internet protocol security 
services comprising at least one of authentication services and encryption services provided by 
an internet protocol security service unit external to said apparatus; and 
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an interface configured to communicate said issued security association management 
requests to a management server external to said apparatus, said management server configured 
to respond to said security association management requests in connection with said internet 
protocol security service unit 

wherein the at least one management client is included in an application device . 

15. (Previously Presented) The apparatus according to claim 14, wherein said security 
association management requests to create and manage comprise at least one of adding requests 
configured to add security associations, deleting requests configured to delete security 
associations, and querying requests configured to query about security associations. 

1 6. (Currently Amended) An apparatus, comprising: 

an internet protocol security service unit configured to provide one or more internet 
protocol security services comprising at least one of authentication services and encryption 
services; and 

a management server configured to receive security association management requests 
issued from at least one management client included in an application device external to said 
apparatus and to respond, in connection with said internet protocol security service unit, to said 
received security association management requests to create and manage security associations. 

1 7. (Previously Presented) The apparatus according to claim 1 6, wherein said internet 
protocol security service unit is configured to use a local communication channel for 
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communications between said internet protocol security service unit and said management 
server. 

1 8. (Previously Presented) A method, comprising: 

issuing, in response to communication received at an application device from a user 
equipment via a session key management protocol, from at least one management client 
deployed in said application device, security association management requests to create and 
manage, with said session key management protocol, security associations for use by one or 
more internet protocol security services comprising at least one of authentication services and 
encryption services provided by an internet protocol security service unit external to said 
application device; and 

communicating at least one of said issued security association management requests to a 
management server external to said application device, wherein said management server is 
configured to respond to said security association management requests in connection with said 
internet protocol security service unit. 

1 9. (Previously Presented) The method according to claim 1 8, wherein said 
communicating comprises communicating at least one of said security association management 
requests issued from said application device and corresponding responses via an interface 
associated with said application device. 

20. (Previously Presented) The method according to claim 1 8, wherein said issuing 
comprises issuing said security association management requests comprising at least one of 
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adding requests for adding security associations, deleting requests for deleting security, and 
querying requests for querying about security associations. 

2 1 . (Currently Amended) A method, comprising: 

providing one or more internet protocol security services comprising at least one of 
authentication services and encryption services from an internet protocol security service unit, 
wherein said internet protocol security service unit is deployed in a service device; and 

receiving security association management requests to create and manage security 
associations, the security association management requests issued from at least one management 
client included in an application device external to said service device and responding, in 
connection with said providing the one or more internet protocol security services, to said 
received security association management requests. 

22. (Previously Presented) A computer readable storage medium encoded with 
instructions that, when executed by a computer, perform a process, the process comprising: 

providing one or more internet protocol security services comprising at least one of 
authentication services and encryption services from an internet protocol security service unit, 
said internet protocol security service unit being deployed in a service device; 

issuing, in response to communication received at an application device from a user 
equipment via a session key management protocol, security association management requests to 
create and manage, with said session key management protocol, security associations for use by 
said provided internet protocol security services, from at least one management client, said at 
least one management client being deployed in said application device; 
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receiving in a management server said security association management requests issued 
from said at least one management client; and 

responding, in connection with said internet protocol security service unit, to said security 
association management requests received at said management server, said management server 
being deployed in said service device, 

wherein said application device is connected to said service device by a communication 
network. 

23. (Previously Presented) A computer readable storage medium encoded with 
instructions that, when executed by a computer, perform a process, the process comprising: 

issuing, in response to communication received at an application device from a user 
equipment via a session key management protocol, from at least one management client 
deployed in said application device, security association management requests to create and 
manage, with said session key management protocol, security associations for use by one or 
more internet protocol security services comprising at least one of authentication services and 
encryption services provided by an internet protocol security service unit external to said 
application device; and 

communicating at least one of said issued security association management requests to a 
management server external to said application device, said management server configured to 
respond to said security association management requests in connection with said internet 
protocol security service unit. 

24. (Currently Amended) A computer readable storage medium encoded with 
instructions that, when executed by a computer, perform a process, the process comprising: 
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providing one or more internet protocol security services comprising at least one of 
authentication services and encryption services from an internet protocol security service unit, 
said internet protocol security service unit being deployed in a service device; and 

receiving security association management requests to create and manage security 
associations, the security association management requests, issued from at least one management 
client included in an application device external to said service device and responding, in 
connection with said providing the one or more internet protocol security services, to said 
received security association management requests. 

25. (Currently Amended) An apparatus, comprising: 

managing means for issuing, in response to communication received at said apparatus 
from a user equipment via a session key management protocol, security association management 
requests to create and manage, with said session key management protocol, security associations 
for use by one or more internet protocol security services comprising at least one of 
authentication services and encryption services provided by an internet protocol security service 
means external to said apparatus; and 

communicating means for communicating said issued security association management 
requests to a management server external to said apparatus, said management server configured 
to respond to said security association management requests in connection with said internet 
protocol security service means^ 

wherein the apparatus is included in an application device . 
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26. (Currently Amended) An apparatus, comprising: 

internet protocol security service means for providing one or more internet protocol 
security services comprising at least one of authentication services and encryption services; and 

receiving means for receiving security association management requests to create and 
manage security associations, the security association management requests issued from at least 
one management client included in an application device external to said apparatus and for 
responding, in connection with said internet protocol security service means, to said received 
security association management requests. 



